package com.lx.boot.web.filter;

import com.lx.annotation.Note;
import com.lx.boot.OS;
import com.lx.boot.web.config.SysApiProperties;
import com.lx.constant.DefaultResult;
import com.lx.entity.Var;
import com.lx.util.LX;
import com.lx.util.secure.algorithm.encrypt.Aes;
import com.lx.util.secure.algorithm.encrypt.Rsa;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.http.HttpServletRequest;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Component;

import java.io.FileNotFoundException;
import java.io.IOException;

import static com.lx.constant.DefaultBaseConstant.SYS_AUTHORIZATION;
import static com.lx.constant.DefaultBaseConstant.SYS_AUTHORIZATION_DATA;

@Slf4j
@Note("系统接口处理 使用特定加解密方法")
@Component("sysApiFilter")
public class SysApiEncryptFilter extends ApiEncryptFilter {

    //"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaYC7O7K1iOQldiIcESJ7Xzm65PGcYdJ5+H0CHc+BAcr/Ump9gyTiugiul+M/uvpq+7SUdRjQvuT36KNUKjz9spVa29vcLXpmrPsWcXFOxOZDUBcJQsbupPn7YaRax0ZXyZ6MKLggKk6Li8B6t1HfUDTQXUd01NYlW31y4hh4KojJR1RpXRU3kuQyB+18xGK0LwXssjbSVUh/uu1/WJPCiRDbkgfYUlGEm5rLU+tKSYb/wFJVY2ZV3gGGAB7D6h9Fzsp7VMGiC2BAcGMg/cc0xbIKPyCl5dlvnPdJ8om7QoVc3Ygi2y4YDJYdF+fXfWONPX9B2+GJvoXPVSSRTPCeQIDAQAB"
    private static final String privateKey = "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC5pgLs7srWI5CV2IhwRIntfObrk8Zxh0nn4fQIdz4EByv9San2DJOK6CK6X4z+6+mr7tJR1GNC+5Pfoo1QqPP2ylVrb29wtemas+xZxcU7E5kNQFwlCxu6k+fthpFrHRlfJnowouCAqTouLwHq3Ud9QNNBdR3TU1iVbfXLiGHgqiMlHVGldFTeS5DIH7XzEYrQvBeyyNtJVSH+67X9Yk8KJENuSB9hSUYSbmstT60pJhv/AUlVjZlXeAYYAHsPqH0XOyntUwaILYEBwYyD9xzTFsgo/IKXl2W+c90nyibtChVzdiCLbLhgMlh0X59d9Y409f0Hb4Ym+hc9VJJFM8J5AgMBAAECggEAA/f5jgkYyvUdrSZg3E2KyUnnQdf54QlsWgmphtjNuZZRqWt+t6TTLqABxgwu3nA6oZNMabVpnc/0/E3kSXojJP50TwSl1Dn/UXBROCYTLk0f83mRvrT7FcT9q0U6LJkFptQSvqFsvTNg7AXTO6sZUSMmoPqY9aCNfzxHid9TgFL5cDa3eIKxApMcP8CpwER588fmh8W+Ac0TByN+5EGvvfm31fN3YvYGvL9diLqPZNReluCSCkZzs3M+UxWInHAeVhr852MLN7m7juR/MuOTZR+vayvG6JqLSB6g9cOPxIex9uBbPIbKa16ZD6EjfEFOSYM7CSmowKDqzrifgrXYVQKBgQDonIJeCINU3Ou7oe7NsNTCCDgTCJk7NtJtnElbKBQLdM1Gm86eF5qFacZM1C0K25Qp+SnSI2bq4+UHeV57ePA3kgUe3892+rncyBINCE3V3IzhK0Ya4h+Zb2IFgBPIQ7ykMvtrqQN72/MDRnvsiBSqb3WLsf5K6aNillwaFOeCpwKBgQDMUKmgnRgw7W9lhzwk78lCzDJ3HIXpnKMUGFn9UozwgSfg7Oovh+q99ZDcXd50Xg8JXeL+E4u7zvKaD2aq/dO4x6oSqKiLNZG9U84t6p4UOE47/DcHtTPYP18fB4xtoNAAZ7T5yzMowLoL3UVA7MHo68ebGzVQBJIx4tOEMAzV3wKBgC/ZKfP/2kwVmaQiHkZPbqRvHmHD7glBMK39bRWEPANTRnqUyD666j0xUeox5wYJvwOXTmP8hkohENalv6q0aO11avo73ahC0QK6YQQvRhuM36ndxfD3vLpKMCajfu4+CMrZ9d/ih2XuC6IL2KgCIgYhIVPYDFAKmWJJPa7bx/eXAoGBAJk5gQz341WGKz2r/toAjiIvO0WCuZbqJo8CeDJ3v0T6x2pyompE9zHAwQPSzerdQ0+V/o7nH6sYV25cUHW56BcyfgSCQewsn4CqIfzjb+vgEiQAUVDRfvEVDYQayCDLMlKrc9jFoDdW2e/d4HsBU6cXc9mJvSCmXPFWl6QR2P5nAoGAWZy5+BfkbftV+uQQXFkTF8+6HRDV5N2qtoFF5XawB1CTE6US7sHaApSE4Zv9p5G4N5hHB983xJcw2kH/sMx9O8xZuBjxcGD+zhsQDgrraSMJpeaA5Y9na15H8lBStcXC0uPEkpi2uwiJFbYj/63BXicz+mEPePE5TLAtlUofaLU=";
    @Override
    protected RequestWrapper getRequestWrapper(HttpServletRequest request, byte[] bodys, boolean notEncryptionUrl) throws IOException {
        String key = request.getHeader(SYS_AUTHORIZATION);
        String data = request.getHeader(SYS_AUTHORIZATION_DATA);
        try {
            if (LX.isNotEmpty(key) && LX.isNotEmpty(data)) {
                Rsa rsa = Rsa.privateKey(privateKey);
                String aeskey = rsa.decryptToString(key);
                Aes aes = new Aes().key(aeskey);
                String datamap = aes.decryptToString(data);
                Var map = LX.toMap(datamap);
                String username = map.getStr("username");
                String password = map.getStr("password");
                String timestamp = map.getStr("timestamp");
                if (LX.isNotEmpty(username) && LX.isNotEmpty(password) && LX.isNotEmpty(timestamp)){
                    checkApiTimeAndRepeat(map.getStr("timestamp"), aeskey);
                    SysApiProperties apiProperties = OS.getBeanProperty(SysApiProperties.class, "server.sys." + username);
                    if (password.equalsIgnoreCase(apiProperties.getPassword())) {
                        OS.getResponse().addHeader("userType",aes.encryptToString(apiProperties.getUserType()));
                        return new RequestWrapper(request, bodys);
                    }
                    log.warn("请检查:server.sys." + username +" 是否配置password.");
                }
            }
        }catch (Exception e){
            log.error("认证失败!",e);
        }
        OS.responseErrorResult(DefaultResult.TOKERPAST.getResult());
        return null;
    }
}
